浏览器劫持(Browser Hijacks)似乎在全球范围内以惊人的速度增加,这可能是一种真正的麻烦,有时也很危险。在这篇文章中,我们将了解浏览器劫持(Browser Hijacking)以及如何在Edge、Firefox、Chrome、Internet Explorer和Windows 10的(Windows 10)Opera网络浏览器中防止和删除浏览器劫持(Browser Hijacking),本机或使用免费的浏览器劫持删除(Browser Hijacker Removal)工具和软件。
什么是浏览器劫持
(Browser)当您发现您的网络浏览器的设置在未经您许可的情况下被更改时,就会发生浏览器劫持。当您安装新软件时可能会发生这种情况,并且在安装过程中,您的设置会发生变化;或者,如果某些恶意软件在您不知情的情况下控制了您的计算机(包括浏览器)并更改了其设置,则可能会发生这种情况。Chromium 浏览器恶意软件(Chromium browser malware)就是一个例子。
我如何知道我的浏览器是否被劫持?
具体来说,当您的浏览器被劫持时,可能会发生以下情况:
- 主页变了
- 默认搜索引擎已更改
- 您无法导航到某些网页,例如安全软件的主页
- 您被重定向到您从未打算访问的页面
- 您会在屏幕上看到广告或弹出广告。网站不提供服务
- 您会看到添加了新的工具栏
- 您会看到添加了新的书签(Bookmarks)或收藏夹(Favorites)。
- 您的网络浏览器开始运行缓慢。
如果您遇到任何这些问题,您的网络浏览器很可能已被劫持!
浏览器劫持者危险吗?
当然,浏览器劫持者是危险的。它们不仅可以向您显示弹出广告,还可以将您重定向到恶意网站、窃取您的密码和机密数据或浏览行为——甚至劫持您的 PC!
浏览器劫持者
在我们了解什么是Browser Hijacker之前,让我们看看什么是Browser Helper Object或BHO。这些基本上是旨在丰富您的浏览体验的小程序。BHO 是Internet Explorer在启动时加载的组件对象模型(Component Object Model)( COM ) 组件。这些对象在与浏览器相同的内存上下文中运行。这意味着每次启动Internet Explorer时,已安装的BHO(BHOs)都会加载并与浏览器一起运行。文件资源管理器(File Explorer)也支持BHO(BHOs) ,每次启动文件资源管理器(File Explorer)时都可能会加载 BHO 。
现在,如果任何BHO、扩展程序、附加组件、工具栏或插件被恶意安装在您的浏览器上,您可以将该软件标记为浏览器劫持者(Browser Hijacker)。
如果您愿意,您可以通过Internet Explorer中的Internet选项启用或禁用(Options)BHO和扩展(Extensions),如下所示。
只需取消选中启用第三方浏览器扩展(Enable third-party browser extensions)选项即可。
如何停止浏览器劫持- 浏览器劫持预防(– Browser Hijack Prevention)
- 如果您的防病毒软件允许,请安装好的安全软件并打开检测可能不需要的程序的选项。(Potentially Unwanted Programs)
- (Take)安装任何新软件时要小心。永远不要(Never)盲目地点击Next , Next , Next 。
- 选择退出任何第三方软件。
- 切勿安装可信度可疑的插件或扩展程序,并卸载您不需要的插件或扩展程序。
- 如果可以的话,安装可以实时监视系统的软件——比如WinPatrol。在这篇文章的末尾,已经对这个和其他工具进行了更多的介绍。
- 强化(Harden)您的ActiveX设置。打开Internet 选项(Options) > Security > Internet > Custom Level。在ActiveX部分中,将下载签名的 ActiveX 控件(Download signed ActiveX controls)设置为提示,将下载未签名的 ActiveX 控件(Download unsigned ActiveX controls)设置为禁用并初始化并将未标记为安全的 ActiveX 控件脚本(Initialize and Script ActiveX controls not marked as safe)设置为禁用。
阅读(Read):如何最好地保护 Windows 10 的 Web 浏览器(How to best secure web browsers for Windows 10)。
浏览器劫持清除
1] 您可以打开浏览器的插件管理(Addons Manager)器并检查所有已安装的插件、扩展和插件。如果您发现任何可疑之处,您可以将其卸载。
2] 如果您发现这只是您的默认搜索或主页被劫持的情况,您可以通过浏览器设置恢复这些设置。但如果更严重,比如你的链接被重定向到其他网站,无法打开某些网站等等,那么你的Hosts 文件 (Hosts file )也可能被劫持了。您可能需要重置您的主机文件。(reset your Hosts File.)(reset your Hosts File.)
3]如果您发现您的浏览器被劫持,我们也建议您刷新您的 DNS 缓存。(Flushing your DNS Cache)(Flushing your DNS Cache)
4]检查(Check)是否已将任何站点添加到您的受信任站点区域(Trusted Sites Zone),如下所示。
阅读有关如何管理 Internet Explorer 安全区域的更多信息。
5] 您也可以使用网络浏览器的重置浏览器设置(Reset browser settings)工具将其所有设置重置为原始默认值。在浏览器劫持的情况下,这是一个非常强大且有用的工具。阅读这些链接了解更多详情:
- 重置边缘(Reset Edge)
- 重置 Internet Explorer
- 重置火狐
- 重置铬(Reset Chrome)。
6] 完成此操作后,您可能需要运行CCleaner,然后使用防病毒软件全面扫描(full-scan)您的计算机。
浏览器劫持者卸妆工具
1] AdwCleaner是一个很好的工具,可以扫描您的计算机以查找PUP(PUPs)和浏览器劫持(Browser Hijackers)程序,并帮助轻松删除它们。可能不需要的程序(Programs)或PUP(PUPs)在软件安装过程中经常被提出。它们可能是工具栏的形式,可能会劫持您的浏览器,尤其是在您没有从安全软件下载站点下载它们的情况下。AdwCleaner是一个便携式工具,通过此工具,您还可以通过单击工具(Tools)然后单击 Hosts Anti-PUP/Adware 来安装Hosts Anti-PUP/AdwareAnti-PUP/Adware。这是一个降低安装风险的程序(Potentially Unwanted Programs)通过阻止对某些网站的访问来潜在有害程序和浏览器劫持者。(Browser Hijackers)
2] WinPatrol是一款有用的免费软件,它会在您的系统发生任何更改时提醒您。
它还将帮助您通过其IE Helpers选项卡删除Internet Explorer中的任何恶意浏览器帮助程序对象。(Browser Helper Objects)但是,在卸载或删除它们之前,您需要知道哪些是恶意的。
3] HitmanPro.Alert 是一款不错的浏览器入侵检测工具。HitmanPro.Alert是一款免费的浏览器完整性和入侵检测工具,可在网上银行和金融交易不再安全时向用户发出警报。它专注于保护您的系统免受银行木马的侵害。
HitmanPro.Alert将立即检测超过 99% 的所有已知和新的银行木马(Trojans)和浏览器中的(Man-in-the-Browser)恶意软件,并在关键系统功能被转移到不受信任的程序时自动通知用户。
4]为避免安装这些程序,请确保在防病毒软件中启用对潜在有害程序的检测(enable detection of Potentially Unwanted Programs)。如果您在卸载工具栏方面需要帮助,这些免费的工具栏删除工具(free toolbar removal tools)(free toolbar removal tools)一定会为您提供帮助。
如何手动删除浏览器劫持者?
如果您想手动删除浏览器劫持程序,请在控制面板(Control Panel)中检查可疑程序并将其删除。此外,检查浏览器中的可疑插件。您可能还想将浏览器设置重置为默认值。最后,使用防病毒软件扫描您的 PC。
补充阅读:(Additional reads:)
- 适合初学者的恶意软件删除指南和工具(Malware Removal Guide & Tools for Beginners)
- 什么是流氓软件以及如何检查、预防或删除它?(What is Rogue Software & how to check for, prevent, or remove it?)
- ZHPCleaner 是一个删除浏览器劫持者和恢复代理设置的软件。
我们很想听听您的经历。你经历过浏览器劫持吗?你做了什么来删除它?有什么建议,您可能想给我们的其他读者?(We would love to hear about your experiences. Have you ever experienced a browser hijack? What did you do to remove it? Any suggestions, you may want to give our other readers?)
Browser Hijacking and Free Browser Hijacker Removal Tools
Browser Hijacks appear to bе increasing аt an alarming rate globally, and іt сan be a real nuisаnce, and at times dangerous too. In thiѕ post, we wіll hаve a look at Browser Hijacking and how to prevent and remove Browser Hijacking in Edge, Firefox, Chrome, Internet Explorer, and Opera web browsers for Windows 10, natively or by using free Browser Hijacker Removal tools and software.
What is Browser Hijacking
Browser hijacking occurs when you find that your web browser’s settings have been changed without your permission. This could happen when you are installing new software, and during installation, your settings get changed; or it could occur if some malicious software takes control of your computer including the browser, and changes its settings, without your knowledge. An example is the Chromium browser malware.
How do I know if my browser is hijacked?
Speaking specifically, when your browser is hijacked, the following could happen:
- The home page is changed
- The default search engine is changed
- You can’t navigate to certain web pages like home pages of security software
- You get re-directed to pages you never intended to visit
- You see ads or ad pops up on your screen. Not served by the website
- You see new toolbars added
- You see new Bookmarks or Favorites added.
- Your web browser starts running sluggishly.
If you are facing any of these issues, your web browser may well have been hijacked!
Are browser hijackers dangerous?
Of course, browser hijackers are dangerous. Not only can they show you popup ads, but they can also redirect you to malicious websites, steal your passwords and confidential data or browsing behavior – and even hijack your PC!
Browser Hijacker
Before we see what is a Browser Hijacker, let’s see what is a Browser Helper Object or BHO. These are basically small programs that are intended to enrich your browsing experience. BHO’s are Component Object Model (COM) components that Internet Explorer loads whenever it starts. These objects run in the same memory context as the browser. This means that every time you start Internet Explorer, the installed BHOs get loaded and run along with the browser. BHOs are also supported by File Explorer and may be loaded every time you start File Explorer.
Now if any BHO, extension, add-on, toolbar, or plugin gets installed on your browser with malicious intent, you could well label that piece of software as a Browser Hijacker.
If you wish, you can enable or disable BHO and Extensions via Internet Options in Internet Explorer, as shown below.
Simply uncheck the option Enable third-party browser extensions.
How do I stop browser hijacking – Browser Hijack Prevention
- Install good security software and turn on the option to detect Potentially Unwanted Programs if your antivirus software so permits.
- Take care while installing any new software. Never click Next, Next, Next blindly.
- Opt-out of any third-party software.
- Never install plugins or extensions of doubtful credibility and uninstall the ones you do not need.
- If you can, install software that can keep a watch on your system in real-time – something like WinPatrol. This and other tools have been covered a bit more, at the end of this post.
- Harden your ActiveX settings. Open Internet Options > Security > Internet > Custom Level. In the ActiveX section, set Download signed ActiveX controls to Prompt, Download unsigned ActiveX controls to Disable and Initialize and Script ActiveX controls not marked as safe to Disable.
Read: How to best secure web browsers for Windows 10.
Browser Hijack Removal
1] You may open the Addons Manager of your browser and check all the installed add-ons, extensions, and plugins. If you find anything suspicious, you may uninstall it.
2] If you find that its simply a case of your default search or home page having been hijacked, you may revert these settings back, via the browsers settings. But if it is more serious, like your links being redirected to other sites, being unable to open certain websites, etc., then maybe your Hosts file too could have been hijacked. You may need to reset your Hosts File.
3] Flushing your DNS Cache is also something we would like to recommend if you find that your browser has been hijacked.
4] Check if any sites have already been added to your Trusted Sites Zone as shown below.
Read more on how to manage the Internet Explorer Security Zones.
5] You may also use the Reset browser settings tool of your web browser to reset all its settings to original defaults. This is a pretty powerful and useful tool to use, in the case of browser hijacks. Read these links for more details:
6] Once you have done this, you may want to run CCleaner and then full-scan your computer using your antivirus software.
Browser Hijacker Remover Tools
1] AdwCleaner is a good tool that scans your computer for PUPs and Browser Hijackers and helps remove them easily. Potentially Unwanted Programs or PUPs are often proposed during the installation of software. They may be present form of toolbars that could hijack your browser, especially if you have not downloaded them from safe software download sites. AdwCleaner is a portable tool, and via this tool, you can also install Hosts Anti-PUP/Adware by clicking Tools and then Hosts Anti-PUP/Adware. It is a program that reduces the risk of installing Potentially Unwanted Programs and Browser Hijackers by blocking access to some websites.
2] WinPatrol is one useful freeware that will alert you whenever any change is made to your system.
It will also help you remove any malicious Browser Helper Objects in Internet Explorer via its IE Helpers tab. You need to know however which ones are malicious before you uninstall or remove them.
3] HitmanPro.Alert is a good Browser intrusion detection tool. HitmanPro.Alert is a free browser integrity & intrusion detection tool that alerts users when online banking and financial transactions are no longer safe. It focuses on keeping your system safe from banking Trojans.
HitmanPro.Alert will instantly detect over 99% of all known and new banking Trojans & Man-in-the-Browser malware and automatically inform users when critical system functions are diverted to untrusted programs.
4] To avoid the installation of these programs make sure that you enable detection of Potentially Unwanted Programs in your antivirus. If you need help in uninstalling toolbars, these free toolbar removal tools are sure to help you.
How do I manually remove a browser hijacker?
If you want to manually remove a browser hijacker, check for suspicious programs in the Control Panel and remove them. Also, check for suspicious addons in your browser. You may want to also reset your browser settings to default. Finally, scan your PC with your antivirus software.
Additional reads:
- Malware Removal Guide & Tools for Beginners
- What is Rogue Software & how to check for, prevent, or remove it?
- ZHPCleaner is a software to remove Browser Hijackers & restore Proxy settings.
We would love to hear about your experiences. Have you ever experienced a browser hijack? What did you do to remove it? Any suggestions, you may want to give our other readers?